The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of MariaDB ~ precise

dojo: memory corruption via Prototype Pollution
An attacker can trigger a memory corruption via Prototype Pollution of dojo, in order to trigger a denial of service, and possibly to run code...
cpujul2020, CVE-2020-5258, CVE-2020-5259, DLA-2139-1, VIGILANCE-VUL-31771
Apache Tomcat: information disclosure via Reverse Proxy Transfer-Encoding End-of-line HTTP Request Smuggling
An attacker can bypass access restrictions to data via Reverse Proxy Transfer-Encoding End-of-line HTTP Request Smuggling of Apache Tomcat, in order to obtain sensitive information...
bulletinapr2020, cpujul2020, CVE-2020-1935, DLA-2133-1, DLA-2209-1, DSA-4673-1, DSA-4680-1, HPESBUX04015, openSUSE-SU-2020:0345-1, RHSA-2020:5020-01, SUSE-SU-2020:0598-1, SUSE-SU-2020:0631-1, SUSE-SU-2020:0632-1, SUSE-SU-2020:2611-1, USN-4448-1, VIGILANCE-VUL-31663
Apache Tomcat: information disclosure via Reverse Proxy Transfer-Encoding Header HTTP Request Smuggling
An attacker can bypass access restrictions to data via Reverse Proxy Transfer-Encoding Header HTTP Request Smuggling of Apache Tomcat, in order to obtain sensitive information...
bulletinapr2020, cpujul2020, CVE-2019-17569, DLA-2133-1, DSA-4673-1, DSA-4680-1, HPESBUX04015, openSUSE-SU-2020:0345-1, SUSE-SU-2020:0598-1, SUSE-SU-2020:0631-1, SUSE-SU-2020:0632-1, VIGILANCE-VUL-31662
MariaDB: privilege escalation via mysql_install_db
An attacker can bypass restrictions via mysql_install_db of MariaDB, in order to escalate his privileges...
CVE-2020-7221, VIGILANCE-VUL-31510
Spring Framework: Cross Site Request Forgery via CORS Preflight Requests
An attacker can trigger a Cross Site Request Forgery via CORS Preflight Requests of Spring Framework, in order to force the victim to perform operations...
cpujul2020, cpuoct2020, CVE-2020-5397, VIGILANCE-VUL-31363
Spring Framework: file reading via Content-Disposition Reflected File Download
A local attacker can read a file via Content-Disposition Reflected File Download of Spring Framework, in order to obtain sensitive information...
6344075, cpujul2020, cpuoct2020, CVE-2020-5398, VIGILANCE-VUL-31360
Oracle MySQL: vulnerabilities of January 2020
Several vulnerabilities were announced in Oracle products...
6253309, CERTFR-2020-AVI-036, cpujan2020, CVE-2020-2570, CVE-2020-2572, CVE-2020-2573, CVE-2020-2574, CVE-2020-2577, CVE-2020-2579, CVE-2020-2580, CVE-2020-2584, CVE-2020-2588, CVE-2020-2589, CVE-2020-2627, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686, CVE-2020-2694, DLA-2103-1, FEDORA-2020-0ca47c5a7a, FEDORA-2020-cd9ec9d660, NTAP-20200122-0002, openSUSE-SU-2020:0289-1, RHSA-2020:3518-01, RHSA-2020:3732-01, RHSA-2020:3755-01, RHSA-2020:3757-01, RHSA-2020:4026-01, RHSA-2020:4174-01, SUSE-SU-2020:0496-1, SUSE-SU-2020:0505-1, SUSE-SU-2020:0523-1, USN-4250-1, USN-4250-2, VIGILANCE-VUL-31332
OpenSSL: information disclosure via Montgomery Squaring rsaz_512_sqr Overflow
An attacker can bypass access restrictions to data via Montgomery Squaring rsaz_512_sqr() Overflow of OpenSSL, in order to obtain sensitive information...
6228808, CERTFR-2019-AVI-611, cpujul2020, CVE-2019-1551, DSA-2020-062, DSA-2020-112, DSA-4594-1, JSA11025, JSA11074, openSUSE-SU-2020:0062-1, RHSA-2020:4514-01, SSA:2019-354-01, SSB-439005, SUSE-SU-2020:0002-1, SUSE-SU-2020:0028-1, SUSE-SU-2020:0064-1, SUSE-SU-2020:0069-1, SUSE-SU-2020:0099-1, SUSE-SU-2020:0474-1, SYMSA1768, USN-4376-1, USN-4376-2, USN-4504-1, VIGILANCE-VUL-31088
Oracle MySQL: vulnerabilities of October 2019
Several vulnerabilities were announced in Oracle products...
1172926, CERTFR-2019-AVI-509, cpuoct2019, CVE-2019-2910, CVE-2019-2911, CVE-2019-2914, CVE-2019-2922, CVE-2019-2923, CVE-2019-2924, CVE-2019-2938, CVE-2019-2946, CVE-2019-2948, CVE-2019-2950, CVE-2019-2957, CVE-2019-2960, CVE-2019-2963, CVE-2019-2966, CVE-2019-2967, CVE-2019-2968, CVE-2019-2969, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2993, CVE-2019-2997, CVE-2019-2998, CVE-2019-3003, CVE-2019-3004, CVE-2019-3009, CVE-2019-3011, CVE-2019-3018, FEDORA-2019-08c700185f, FEDORA-2019-40ed49f449, FEDORA-2019-48a0a07033, FEDORA-2019-d40df38271, NTAP-20191017-0002, openSUSE-SU-2019:2698-1, RHSA-2020:3518-01, RHSA-2020:3732-01, RHSA-2020:3755-01, RHSA-2020:3757-01, RHSA-2020:4026-01, RHSA-2020:4174-01, SUSE-SU-2019:3306-1, SUSE-SU-2019:3369-1, SUSE-SU-2019:3370-1, SUSE-SU-2020:0050-1, USN-4195-1, USN-4195-2, VIGILANCE-VUL-30636
MariaDB Connector/C: use after free via client_mpvio_read_packet
An attacker can force the usage of a freed memory area via client_mpvio_read_packet() of MariaDB Connector/C, in order to trigger a denial of service, and possibly to run code...
FEDORA-2019-60befaed69, FEDORA-2019-f873e2799f, openSUSE-SU-2019:1913-1, openSUSE-SU-2019:1915-1, VIGILANCE-VUL-30068
Our database contains other pages. You can request a free trial to read them.

Display information about MariaDB ~ precise: